AWF supports ARC runners where the runner filesystem and Docker daemon filesystem are split (DinD sidecar patterns).
- Split-filesystem probing for `--docker-host-path-prefix`
- Chroot staging for:
  - the invoking CLI binary (`copilot`, `claude`, `codex`, etc.)
  - `/etc/passwd` / `/etc/group`
  - a generated chroot `/etc/hosts`
- DinD `DOCKER_HOST` propagation into agent/MCP environments when DinD is detected
```json
{
  "container": {
    "enableDind": true,
    "dockerHostPathPrefix": "/tmp/gh-aw"
  },
  "chroot": {
    "binariesSourcePath": "/tmp/gh-aw/runner-bin",
    "identity": {
      "home": "/tmp/gh-aw/home",
      "user": "runner",
      "uid": 1001,
      "gid": 1001
    }
  },
  "dind": {
    "preStageDirs": true,
    "workDir": "/tmp/gh-aw",
    "stagingImage": "ghcr.io/github/gh-aw-firewall/agent:latest",
    "stageEngineBinary": {
      "path": "/usr/local/bin/copilot",
      "targetPath": "/usr/local/bin/copilot"
    }
  }
}
```

- `chroot.identity.*`: applied inside the entrypoint after `chroot /host` to override HOME/USER/LOGNAME and identity mapping hints.
- `chroot.binariesSourcePath`: mounts a runner-side binaries directory over `/usr/local/bin` inside chroot mode so runner-installed CLIs are visible even when `/usr` comes from the DinD daemon filesystem.
- `dind.preStageDirs`: runs a short-lived staging container in DinD mode to create the required workdir tree with open permissions.
- `dind.stageEngineBinary`: copies an engine binary from the runner path into the daemon-visible filesystem before compose startup.
- `dind.stagingImage`: image used for the short-lived staging containers.
- `dind.workDir`: target root for the DinD pre-staged directory tree (default `/tmp/gh-aw`).
AWF detects likely ARC/DinD environments at startup and warns when `--docker-host-path-prefix` is missing. The heuristics are:
- a non-default unix `DOCKER_HOST` socket path (anything outside `/var/run/docker.sock` and `/run/docker.sock`)
- `AWF_DIND=1`
For ARC DinD chroot workloads, prefer the glibc companion image `ghcr.io/github/gh-aw-firewall/dind-ubuntu:latest`.
It includes docker-ce, libcap2-bin (capsh), and Node.js preinstalled.
Copilot CLI still requires node to be available inside the chrooted runtime PATH.